Retail

Online Shopping Using a Credit Card

Tenable for Retailers

Both brick-and-mortar and online retailers that accept credit/debit cards are subject to adherence to the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS is a comprehensive security framework for the  protection of payment card data.

Tenable products meet or demonstrate adherence to numerous PCI DSS requirements from internal vulnerability scanning with Nessus®, to fulfilling external scan requirements with our PCI Approved Scanning Vendor (ASV) Nessus Perimeter Service. The Passive Vulnerability Scanner identifies data flows to maintain the cardholder data environment, and Security Center Continuous View can be used to demonstrate compliance with numerous PCI DSS requirements.

Vulnerability Scanning with Nessus

Fulfill internal vulnerability scanning requirements with the Nessus® vulnerability scanner. Prepare for a PCI compliance assessment using Nessus PCI audit reports. These generate simple PCI pass / fail results — making analysis of large numbers of servers or vulnerability results easy and automatic.

Learn more

PCI ASV Validation with Nessus Perimeter Service

PCI Compliance

Tenable Network Security is a PCI Approved Scanning Vendor. You can use Nessus Perimeter Service™ to perform unlimited perimeter scans and submit up to two findings reports per calendar quarter for PCI validation.

Learn more

Maintain Compliance with Continuous Monitoring

Monitor and assess your PCI compliance continuously by combining Nessus with the other components of the Tenable SecurityCenter CV platform: SecurityCenter, Passive Vulnerability Scanner, and the Log Correlation Engine.

Learn more

Vulnerability Scanning with Nessus

The PCI DSS strongly advocates analysis by a trusted third party. With Nessus, organizations can run PCI vulnerability scans to identify and correct issues well before the official audit occurs. This can reduce the cost of the official audit by reducing the time it takes to get the auditors the information they need.

Nessus can identify sensitive data that may be subject to PCI compliance requirements, including common data formats such as credit card numbers and Social Security numbers. Nessus can perform these searches without an agent, only requiring valid credentials to scan a remote computer.

PCI ASV Validation with Nessus Perimeter Service

Tenable Network Security is a PCI ASV and is certified to validate PCI vulnerability scans of Internet-facing systems for adherence to the PCI DSS.

  • Use a single solution, Nessus Perimeter Service, to perform PCI scans and submit them for quarterly PCI ASV validation.
  • Submit up to two PCI scans per calendar quarter for validation by Tenable’s PCI-certified professionals.
  • Easily generate executive, attestation, and detailed reports — offering proof of compliance needed for submission to an acquiring bank.

Intelligent Continuous Monitoring

Nessus is a component of Tenable's comprehensive security, risk and compliance platform, which also includes Tenable SecurityCenter, the Tenable Passive Vulnerability Scanner (PVS), and the Tenable Log Correlation Engine (LCE). The Tenable platform offers enterprise retailers continuous monitoring and centralized intelligence for PCI compliance.

  • Continuously monitor and discover new devices on the network that may create PCI exposure.
  • Secure log aggregation / storage and log normalization / search for compliance monitoring and analysis.
  • Identify PCI-relevant assets and limit PCI scans to those assets, reducing time and resources required for regular scans.
  • Create a single view of risk exposure which includes Internet-facing web application vulnerabilities.

Read more about how the Tenable platform can help monitor the 12 PCI Requirements.

For more information on how the Tenable SecurityCenter CV Architecture platform can help your retail organization with PCI compliance auditing, view the “Real-time PCI Compliance Monitoring” whitepaper.

Have questions or need more information about Tenable's retail security solutions? Check out:

Buy Nessus

Save up to $1,200 on product, training, and certification bundles.

Buy Now

Buy Nessus Perimeter Service

Scan your Internet-facing IPs and submit for quarterly PCI ASV validation

Buy Now

Evaluate Tenable SecurityCenter CV Architecture

Schedule an enterprise evaluation of SecurityCenter, PVS, or LCE

Contact Us